Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/K9-1z5-rs02RDoq8eHk55CYBtw4.roa
File: K9-1z5-rs02RDoq8eHk55CYBtw4.roa (raw, json)
Hash identifier: Rb4pjiWrEJ9qX+lp92O++H1hZXJdtTJXF7nQ2Fq0zgA=
Subject key identifier: 2B:DF:B5:CF:9F:AB:B3:4D:91:0E:8A:BC:78:79:39:E4:26:01:B7:0E
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 018CC8DE84FB4938A33217636833553725FB
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/K9-1z5-rs02RDoq8eHk55CYBtw4.roa
Signing time: Tue 02 Jan 2024 06:31:15 +0000
ROA not before: Tue 02 Jan 2024 06:31:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50007
IP address blocks: 2a09:f180::/48 maxlen: 48
2a09:98c0::/48 maxlen: 48
2a09:9940::/48 maxlen: 48
2a09:4040::/48 maxlen: 48
2a09:1140::/48 maxlen: 48
2a06:3b00::/48 maxlen: 48
2a09:6a80::/48 maxlen: 48
2a09:40c0::/48 maxlen: 48
2a09:9740::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:84:fb:49:38:a3:32:17:63:68:33:55:37:25:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Jan 2 06:31:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2bdfb5cf9fabb34d910e8abc787939e42601b70e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:e5:a1:ad:37:85:ab:e1:06:9c:ff:3e:42:44:
6a:8b:f5:cb:61:15:3c:82:6c:6e:9f:45:d1:5b:12:
24:d3:41:6a:89:75:aa:9b:fa:32:b7:f1:df:0a:6c:
f1:bd:f1:52:92:35:43:7b:a4:bd:7a:35:ea:a5:17:
8d:fa:2f:82:bf:97:c6:51:ff:74:3e:93:ec:68:3e:
94:ab:90:40:f3:33:dd:b8:d2:6b:c1:f4:6a:a7:20:
0d:5e:ae:53:d4:ec:a5:bb:e3:e0:57:03:ff:8e:4f:
e8:e6:a0:ab:84:37:cc:1b:f1:6f:25:8c:28:f0:0f:
30:27:b4:f2:c3:b5:e9:40:86:89:82:8f:97:bc:a3:
9c:11:c4:54:de:8b:e9:53:1e:36:9e:de:92:24:03:
bf:87:b2:30:53:c1:96:45:1d:d2:3e:b6:a0:8a:55:
5e:c3:ab:ce:49:fd:70:65:e6:a5:d9:6e:35:e4:6a:
46:1f:20:f2:b4:d9:d3:bf:e7:5c:b2:0a:7d:9c:6a:
75:91:a8:2c:77:5e:25:9e:a6:a7:e6:1c:7c:bd:71:
f9:95:64:83:c1:65:b1:9f:44:82:bd:d6:65:23:fc:
f1:6e:e7:2c:a7:9a:a8:81:98:30:02:79:a0:56:9f:
2a:1a:01:aa:1f:b7:74:57:7a:35:55:79:06:ca:6c:
6c:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:DF:B5:CF:9F:AB:B3:4D:91:0E:8A:BC:78:79:39:E4:26:01:B7:0E
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/K9-1z5-rs02RDoq8eHk55CYBtw4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:3b00::/48
2a09:1140::/48
2a09:4040::/48
2a09:40c0::/48
2a09:6a80::/48
2a09:9740::/48
2a09:98c0::/48
2a09:9940::/48
2a09:f180::/48
Signature Algorithm: sha256WithRSAEncryption
40:35:d1:a6:aa:ce:e8:ff:41:cb:25:49:16:31:ea:5d:6b:99:
08:7f:0f:c5:9c:3b:b6:c5:11:0c:86:d9:75:f3:cb:b7:7c:67:
12:0c:0d:f0:e7:43:98:03:55:aa:00:68:e0:bf:02:ea:9e:d2:
8b:b3:dd:c2:88:43:6b:71:23:23:17:ae:e0:db:72:26:fc:f6:
0d:9e:f1:c6:67:3b:8e:74:ba:15:61:4c:99:98:5f:fd:b9:39:
5a:5e:06:28:51:10:0c:7b:ab:d1:97:91:91:11:93:ab:74:5c:
a7:96:e7:b9:33:dc:2e:b6:a6:0e:0c:d0:d8:7b:75:a7:2c:13:
ce:8c:b3:cf:a1:a0:cd:09:35:40:a8:0e:66:ca:80:fc:b1:fe:
e4:4d:64:26:b7:ba:bb:81:14:be:a1:27:6b:1d:a0:e3:88:e5:
47:93:88:aa:d8:eb:d3:a5:65:02:28:2e:4f:f4:32:1f:64:33:
47:b9:6f:da:49:40:55:1f:f6:81:85:79:3c:3d:98:b5:70:f9:
79:09:12:4a:f2:b1:00:bb:f4:6e:72:30:5c:33:af:e0:0a:84:
89:8d:bd:36:94:73:12:5c:23:41:f7:31:9b:d0:37:09:e5:ba:
3b:c4:61:e2:75:57:b5:33:e5:9e:b4:c0:69:cb:43:60:28:b4:
3b:31:d6:9e
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAYzI3oT7STijMhdjaDNVNyX7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjQwMTAyMDYzMTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmRmYjVjZjlmYWJiMzRkOTEwZThhYmM3ODc5MzllNDI2MDFiNzBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiOWhrTeFq+EGnP8+QkRqi/XLYRU8
gmxun0XRWxIk00FqiXWqm/oyt/HfCmzxvfFSkjVDe6S9ejXqpReN+i+Cv5fGUf90
PpPsaD6Uq5BA8zPduNJrwfRqpyANXq5T1Oylu+PgVwP/jk/o5qCrhDfMG/FvJYwo
8A8wJ7Tyw7XpQIaJgo+XvKOcEcRU3ovpUx42nt6SJAO/h7IwU8GWRR3SPragilVe
w6vOSf1wZeal2W415GpGHyDytNnTv+dcsgp9nGp1kagsd14lnqan5hx8vXH5lWSD
wWWxn0SCvdZlI/zxbucsp5qogZgwAnmgVp8qGgGqH7d0V3o1VXkGymxsZQIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFCvftc+fq7NNkQ6KvHh5OeQmAbcOMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvSzktMXo1LXJzMDJSRG9xOGVIazU1Q1lCdHc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTBXBAIAAjBRAwcAKgY7AAAA
AwcAKgkRQAAAAwcAKglAQAAAAwcAKglAwAAAAwcAKglqgAAAAwcAKgmXQAAAAwcA
KgmYwAAAAwcAKgmZQAAAAwcAKgnxgAAAMA0GCSqGSIb3DQEBCwUAA4IBAQBANdGm
qs7o/0HLJUkWMepda5kIfw/FnDu2xREMhtl188u3fGcSDA3w50OYA1WqAGjgvwLq
ntKLs93CiENrcSMjF67g23Im/PYNnvHGZzuOdLoVYUyZmF/9uTlaXgYoURAMe6vR
l5GREZOrdFynlue5M9wutqYODNDYe3WnLBPOjLPPoaDNCTVAqA5myoD8sf7kTWQm
t7q7gRS+oSdrHaDjiOVHk4iq2OvTpWUCKC5P9DIfZDNHuW/aSUBVH/aBhXk8PZi1
cPl5CRJK8rEAu/RucjBcM6/gCoSJjb02lHMSXCNB9zGb0DcJ5bo7xGHidVe1M+We
tMBpy0NgKLQ7Mdae
-----END CERTIFICATE-----
Generated at Wed Nov 27 02:52:09 2024 by rpki-client on console-fra.rpki-client.org